Vulnerabilities > Redhat

DATE CVE VULNERABILITY TITLE RISK
2018-09-19 CVE-2018-17205 Reachable Assertion vulnerability in multiple products
An issue was discovered in Open vSwitch (OvS) 2.7.x through 2.7.6, affecting ofproto_rule_insert__ in ofproto/ofproto.c.
network
low complexity
openvswitch redhat canonical CWE-617
7.5
7.5
2018-09-19 CVE-2018-17204 Reachable Assertion vulnerability in multiple products
An issue was discovered in Open vSwitch (OvS) 2.7.x through 2.7.6, affecting parse_group_prop_ntr_selection_method in lib/ofp-util.c.
network
low complexity
openvswitch redhat canonical debian CWE-617
4.3
4.3
2018-09-19 CVE-2018-17183 Artifex Ghostscript before 9.25 allowed a user-writable error exception table, which could be used by remote attackers able to supply crafted PostScript to potentially overwrite or replace error handlers to inject code.
local
low complexity
debian canonical artifex redhat
7.8
7.8
2018-09-18 CVE-2018-14642 Information Exposure vulnerability in Redhat Jboss Enterprise Application Platform and Undertow
An information leak vulnerability was found in Undertow.
network
low complexity
redhat CWE-200
5.3
5.3
2018-09-17 CVE-2018-11781 Code Injection vulnerability in multiple products
Apache SpamAssassin 3.4.2 fixes a local user code injection in the meta rule syntax.
local
low complexity
apache redhat debian canonical CWE-94
7.8
7.8
2018-09-17 CVE-2017-15705 Improper Input Validation vulnerability in multiple products
A denial of service vulnerability was identified that exists in Apache SpamAssassin before 3.4.2.
network
low complexity
apache redhat debian canonical CWE-20
5.3
5.3
2018-09-14 CVE-2018-14638 Double Free vulnerability in multiple products
A flaw was found in 389-ds-base before version 1.3.8.4-13.
network
low complexity
fedoraproject redhat CWE-415
7.5
7.5
2018-09-11 CVE-2018-10937 Cross-site Scripting vulnerability in Redhat Openshift Container Platform 3.11
A cross site scripting flaw exists in the tetonic-console component of Openshift Container Platform 3.11.
network
low complexity
redhat CWE-79
5.4
5.4
2018-09-11 CVE-2018-1127 Session Fixation vulnerability in Redhat Gluster Storage
Tendrl API in Red Hat Gluster Storage before 3.4.0 does not immediately remove session tokens after a user logs out.
network
high complexity
redhat CWE-384
8.1
8.1
2018-09-11 CVE-2018-1114 Resource Exhaustion vulnerability in Redhat Undertow, Virtualization and Virtualization Host
It was found that URLResource.getLastModified() in Undertow closes the file descriptors only when they are finalized which can cause file descriptors to exhaust.
network
low complexity
redhat CWE-400
6.5
6.5